https://bugzilla.wikimedia.org/show_bug.cgi?id=30039
--- Comment #2 from Van de Bugger <[email protected]> 2011-07-29 18:18:00 UTC --- Sorry, I am not an experienced PHP developer, so I did not get everything you wrote. As I understand, vulnerability is only possible if Variables extension is not installed AND register_globals is ON. register_globals is OFF by default and I saw a lot of warnings that it should remain be OFF. However, I do not object to introduce a hook if you point me an example what it is. Another thing I though about is fully emulating Variables in ParserFunctions. Variables is trivial extension and is in public domain, so it is possible to just incorporate Variables into ParserFunctions. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
